RC (PCAB) [Internal] Apikey verify

1 Purpose
2 Key points
3 Specification
4 Verify apikey
5 Service logic

Purpose

This method is designed to verify MIS/PIS apikey and return additional details of MIS/PIS.

Key points

This is an internal method, so it does not have endpoint. Method is used by Kong service.
Method verifies apikey and returns additional details of MIS/PIS: client_id, broker_scope list and client_type scope list.
In case if apikey is verified – verification result is also saved to Redis cache for configured amount of time.

Specification

Request

http://api-svc.mithril/admin/api_key/{api_key}/verify

Response

{
  "data": {
    "details": {
      "broker_scope": "app:read_pis app:delete profile:read trusted_confidant_person:login trusted_confidant_person:sign_up person_documents:write declaration_request:read_pis declaration_request:write_pis party:read_pis declaration_request:details_pis person:details_pis party:read_pis employee:read_pis declaration:terminate_pis person_requests:read_pis trusted_confidant_person:login person_verification:details_pis declaration:read_pis declaration:details_pis person_requests:details_pis declaration_request:sign_pis authentication_method:read_pis",
      "client_id": "8a99ffdf-314e-4419-931d-a76f41f8c456",
      "scope": "app:read_pis app:delete_pis profile:read trusted_person:login trusted_person:sign_up trusted_confidant_person:login trusted_confidant_person:sign_up person_documents:write_pis person_verification:details_pis person:details_pis authentication_method:read_pis declaration_request:read_pis declaration_request:details_pis declaration_request:write_pis declaration_request:sign_pis declaration_request:reject_pis declaration:read_pis declaration:details_pis declaration:terminate_pis person_request:read_pis person_request:details_pis authentication_method_request:write_pis employee:read_pis legal_entity:read_pis division:read_pis party:read_pis employee_role:read_pis healthcare_service:read_pis person_request:reject_pis person_requests:read_pis person_requests:details_pis"
    }
  },
  "urgent": {
    "mis_client_id": "8a99ffdf-314e-4419-931d-a76f41f8c456"
  }
}

Verify apikey

Check that apikey exists in connections table, mithril database, with secret = hashed api_key from URL
- in case of error - return 422 ('API-KEY is invalid.')

Service logic

Obtain data from connections, clients and client_types tables of mithril database.
Prepare data for response, set values:
1. details.broker_scope = clients.priv_settings.broker_scope
2. details.client_id = connections.client_id
3. details.scope = client_types.scope
4. mis_client_id = connections.client_id
Render a response according to specification.
Save successful response to Redis cache database with key = apikey_{api_key} and TTL = value from APIKEY_VERIFY_TTL_SECONDS config parameter (in seconds).